From owner-freebsd-chromium@FreeBSD.ORG Thu Jan 3 15:32:16 2013 Return-Path: Delivered-To: freebsd-chromium@FreebSD.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id C3DA3B27 for ; Thu, 3 Jan 2013 15:32:16 +0000 (UTC) (envelope-from gofc-freebsd-chromium@m.gmane.org) Received: from plane.gmane.org (plane.gmane.org [80.91.229.3]) by mx1.freebsd.org (Postfix) with ESMTP id 83C3EEDD for ; Thu, 3 Jan 2013 15:32:06 +0000 (UTC) Received: from list by plane.gmane.org with local (Exim 4.69) (envelope-from ) id 1TqmmA-0004pf-69 for freebsd-chromium@FreebSD.org; Thu, 03 Jan 2013 16:32:10 +0100 Received: from 208.85.208.53 ([208.85.208.53]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 03 Jan 2013 16:32:10 +0100 Received: from atkin901 by 208.85.208.53 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Thu, 03 Jan 2013 16:32:10 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: freebsd-chromium@FreebSD.org From: Mark Atkinson Subject: Re: openat, O_DIRECTORY, shell_integration_linux.cc Date: Thu, 03 Jan 2013 07:31:45 -0800 Lines: 20 Message-ID: References: <1Tns6P-000IsX-DH@internal.tormail.org> Mime-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Complaints-To: usenet@ger.gmane.org X-Gmane-NNTP-Posting-Host: 208.85.208.53 User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:17.0) Gecko/17.0 Thunderbird/17.0 In-Reply-To: X-Enigmail-Version: 1.4.6 X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Jan 2013 15:32:16 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 12/26/2012 14:12, George Liaskos wrote: > No, this patch is already removed actually. The next major update > will include many patch cleanups, clang build also got fixed. > > https://github.com/gliaskos/freebsd-chromium/tree/beta Glad I found this, clang built chromium on i386/current with v23 was sigbusing constantly. The beta branch off git works great. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlDlpGEACgkQrDN5kXnx8yZcOgCfZBoSDv7EJUklgzKvQxGms3vk qaAAnjJeI3opPPwzfftJkuPvVDdi/KYo =p6gG -----END PGP SIGNATURE----- From owner-freebsd-chromium@FreeBSD.ORG Sat Jan 5 01:55:58 2013 Return-Path: Delivered-To: chromium@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id B169CD68 for ; Sat, 5 Jan 2013 01:55:58 +0000 (UTC) (envelope-from yuri@rawbw.com) Received: from shell0.rawbw.com (shell0.rawbw.com [198.144.192.45]) by mx1.freebsd.org (Postfix) with ESMTP id 8640B298 for ; Sat, 5 Jan 2013 01:55:55 +0000 (UTC) Received: from eagle.yuri.org (stunnel@localhost [127.0.0.1]) (authenticated bits=0) by shell0.rawbw.com (8.14.4/8.14.4) with ESMTP id r051tsQL044164 for ; Fri, 4 Jan 2013 17:55:54 -0800 (PST) (envelope-from yuri@rawbw.com) Message-ID: <50E7882A.1030302@rawbw.com> Date: Fri, 04 Jan 2013 17:55:54 -0800 From: Yuri User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/17.0 Thunderbird/17.0 MIME-Version: 1.0 To: chromium@FreeBSD.ORG Subject: Why "Delete" button in "Certificate manager" is disables? Why certificates are prefilled? Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Jan 2013 01:55:58 -0000 These two questions bother me in regards to security and trust. Aren't users themselves the ones who are supposed to make the decision if to trust particular authorities? There are many questionable IMO items there, and I believe users should at least be aware that particular authorities for sites they use exist and who they are. I suggest trusting default authorities supplied with browser should be made a port option, "off" by default. Also bug that Delete button is disabled should be fixed. Yuri From owner-freebsd-chromium@FreeBSD.ORG Sat Jan 5 03:13:53 2013 Return-Path: Delivered-To: freebsd-chromium@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 8F080B9D for ; Sat, 5 Jan 2013 03:13:53 +0000 (UTC) (envelope-from jr@opal.com) Received: from mho-02-ewr.mailhop.org (mho-04-ewr.mailhop.org [204.13.248.74]) by mx1.freebsd.org (Postfix) with ESMTP id 3534C73F for ; Sat, 5 Jan 2013 03:13:52 +0000 (UTC) Received: from pool-151-203-201-84.bos.east.verizon.net ([151.203.201.84] helo=homobox.opal.com) by mho-02-ewr.mailhop.org with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from ) id 1TrKCl-000AaB-HE for freebsd-chromium@freebsd.org; Sat, 05 Jan 2013 03:13:51 +0000 Received: from shibato (shibato.opal.com [IPv6:2001:470:8cb8:4:221:63ff:fe5a:c9a7]) (authenticated bits=0) by homobox.opal.com (8.14.4/8.14.4) with ESMTP id r053Dnv1099335 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO) for ; Fri, 4 Jan 2013 22:13:49 -0500 (EST) (envelope-from jr@opal.com) X-Mail-Handler: Dyn Standard SMTP by Dyn X-Originating-IP: 151.203.201.84 X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/sendlabs/outbound_abuse.html for abuse reporting information) X-MHO-User: U2FsdGVkX1+dR4EYkW4uV9EcrsEVyZeo Date: Fri, 4 Jan 2013 22:13:48 -0500 From: "J.R. Oldroyd" To: freebsd-chromium@freebsd.org Subject: Re: Why "Delete" button in "Certificate manager" is disables? Why certificates are prefilled? Message-ID: <20130104221348.34923f5a@shibato> In-Reply-To: <50E7882A.1030302@rawbw.com> References: <50E7882A.1030302@rawbw.com> X-Mailer: Claws Mail 3.9.0 (GTK+ 2.24.6; amd64-portbld-freebsd9.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.6 (homobox.opal.com [IPv6:2001:470:8cb8:4::1]); Fri, 04 Jan 2013 22:13:49 -0500 (EST) X-Spam-Status: No, score=-100.0 required=5.0 tests=SHORTCIRCUIT, USER_IN_WHITELIST shortcircuit=ham autolearn=disabled version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on homobox.opal.com X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Jan 2013 03:13:53 -0000 On Fri, 04 Jan 2013 17:55:54 -0800 Yuri wrote: > These two questions bother me in regards to security and trust. > Aren't users themselves the ones who are supposed to make the > decision if to trust particular authorities? > > There are many questionable IMO items there, and I believe users > should at least be aware that particular authorities for sites they > use exist and who they are. > > I suggest trusting default authorities supplied with browser should > be made a port option, "off" by default. > Also bug that Delete button is disabled should be fixed. > > Yuri The "Delete" button works for me for certificates that I have installed. For certificates that were distributed with the browser, you can click the "Edit" button and disable the three Trust boxes which essentially turns off the certificate. -jr From owner-freebsd-chromium@FreeBSD.ORG Sat Jan 5 07:38:08 2013 Return-Path: Delivered-To: freebsd-chromium@freebsd.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id E580931D for ; Sat, 5 Jan 2013 07:38:08 +0000 (UTC) (envelope-from yuri@rawbw.com) Received: from shell0.rawbw.com (shell0.rawbw.com [198.144.192.45]) by mx1.freebsd.org (Postfix) with ESMTP id BB1E3D5D for ; Sat, 5 Jan 2013 07:38:08 +0000 (UTC) Received: from eagle.yuri.org (stunnel@localhost [127.0.0.1]) (authenticated bits=0) by shell0.rawbw.com (8.14.4/8.14.4) with ESMTP id r057c7Bw086712; Fri, 4 Jan 2013 23:38:07 -0800 (PST) (envelope-from yuri@rawbw.com) Message-ID: <50E7D85F.4080006@rawbw.com> Date: Fri, 04 Jan 2013 23:38:07 -0800 From: Yuri User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:17.0) Gecko/17.0 Thunderbird/17.0 MIME-Version: 1.0 To: "J.R. Oldroyd" Subject: Re: Why "Delete" button in "Certificate manager" is disables? Why certificates are prefilled? References: <50E7882A.1030302@rawbw.com> <20130104221348.34923f5a@shibato> In-Reply-To: <20130104221348.34923f5a@shibato> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-chromium@freebsd.org X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Jan 2013 07:38:09 -0000 On 01/04/2013 19:13, J.R. Oldroyd wrote: > For certificates that were distributed with the browser, you can click > the "Edit" button and disable the three Trust boxes which essentially > turns off the certificate. For the matter of testing, I disabled all Thawte* certificates. And https://google.com still shows without a problem and says that its identity is verified by Thawte SGC CA. Yuri From owner-freebsd-chromium@FreeBSD.ORG Sat Jan 5 17:45:25 2013 Return-Path: Delivered-To: freebsd-chromium@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 4369F6A8 for ; Sat, 5 Jan 2013 17:45:25 +0000 (UTC) (envelope-from fbsd@opal.com) Received: from mho-01-ewr.mailhop.org (mho-03-ewr.mailhop.org [204.13.248.66]) by mx1.freebsd.org (Postfix) with ESMTP id 10124907 for ; Sat, 5 Jan 2013 17:45:24 +0000 (UTC) Received: from pool-151-203-201-84.bos.east.verizon.net ([151.203.201.84] helo=homobox.opal.com) by mho-01-ewr.mailhop.org with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from ) id 1TrXo6-0006RV-9i; Sat, 05 Jan 2013 17:45:18 +0000 Received: from shibato (shibato.opal.com [IPv6:2001:470:8cb8:4:221:63ff:fe5a:c9a7]) (authenticated bits=0) by homobox.opal.com (8.14.4/8.14.4) with ESMTP id r05HjEK1017122 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Sat, 5 Jan 2013 12:45:15 -0500 (EST) (envelope-from fbsd@opal.com) X-Mail-Handler: Dyn Standard SMTP by Dyn X-Originating-IP: 151.203.201.84 X-Report-Abuse-To: abuse@dyndns.com (see http://www.dyndns.com/services/sendlabs/outbound_abuse.html for abuse reporting information) X-MHO-User: U2FsdGVkX1/vIPVTpzyM3u3IvWtjREEK Date: Sat, 5 Jan 2013 12:45:13 -0500 From: "J.R. Oldroyd" To: Yuri Subject: Re: Why "Delete" button in "Certificate manager" is disables? Why certificates are prefilled? Message-ID: <20130105124513.29173323@shibato> In-Reply-To: <50E7D85F.4080006@rawbw.com> References: <50E7882A.1030302@rawbw.com> <20130104221348.34923f5a@shibato> <50E7D85F.4080006@rawbw.com> X-Mailer: Claws Mail 3.9.0 (GTK+ 2.24.6; amd64-portbld-freebsd9.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.6 (homobox.opal.com [IPv6:2001:470:8cb8:4::1]); Sat, 05 Jan 2013 12:45:15 -0500 (EST) X-Spam-Status: No, score=-2.8 required=5.0 tests=ALL_TRUSTED,AWL,BAYES_00, RP_MATCHES_RCVD shortcircuit=no autolearn=ham version=3.3.2 X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on homobox.opal.com Cc: freebsd-chromium@freebsd.org X-BeenThere: freebsd-chromium@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: FreeBSD-specific Chromium issues List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 05 Jan 2013 17:45:25 -0000 On Fri, 04 Jan 2013 23:38:07 -0800 Yuri wrote: > On 01/04/2013 19:13, J.R. Oldroyd wrote: > > For certificates that were distributed with the browser, you can > > click the "Edit" button and disable the three Trust boxes which > > essentially turns off the certificate. > > For the matter of testing, I disabled all Thawte* certificates. > And https://google.com still shows without a problem and says that > its identity is verified by Thawte SGC CA. > > Yuri The certificate hierarchy for the google.com certificate shows that it is signed by the two "Verisign Class 3 Public Primary Certification Authority" certificates. If you uncheck the box for "Trust for verifying web sites" for these two certificates, then reload the https://google.com page, the browser is no longer able to verify the certificate. -jr